Network Security

Understanding Network Security

These days, businesses are often so concerned with day-to-day operations that they have forgotten to invest in network security. Others understand the need for complete network security, but have a relaxed strategy in regards to their IT, which can be just as dangerous in the event of a data leak or issue.

What is Network Security?

  • It’s protection from getting hacked and helps keep the bad guys out
  • It’s keeping your data secure and backed up, automatically
  • It’s preventing your system from getting infected by a virus or malware attack
  • It’s performing routine maintenance and patching to keep your system up to date
  • It’s about being aware of possible security threats – Not sure how to do this? Click Here for a free IT Report on how to protect and preserve your data!

Network Security

What Can Network Security Protect Your Business From?

Bugs, Viruses, and other vulnerabilities have all existed since the beginning of computing, but the threats found in today’s technology world have vastly outnumbered and outperformed them.

In part, this is due to how society has grown heavily reliant on the internet and technology. Here are some of the threats which proper network security can protect your business from:

  • Spyware and Adware: While not particularly threatening they can invade your privacy and pave the way for more dangerous infections to enter the network. Spyware can log your keystrokes, providing the bad guys with your valuable information. While adware is simply an annoying means to gain profit, through things like pop-ups.
  • Phishing and Identity Theft: Hackers will often try to pose as a reputable institution which your business has relations with in attempt to steal information from you such as your credit card numbers, banking information, or passwords. They do this by appearing legitimate through an email address or a website designed to look like the real thing.
  • Viruses, Malware, and Exploitation of Vulnerabilities: The goal of the hacker is to infiltrate your databases and steal your information, or to leave behind a backdoor for later access at their leisure. Hackers often infect systems with viruses or malware which can either cause damage or allow for the hacker to gain remote control to the machine. These measures are difficult to remove as they are often implanted into several areas of the machine and hidden very well.

Network Security from AZCOMP Technologies

At AZCOMP Technologies, we take security very seriously. We take preventative measures to keep the threats from ever entering your system in the first place.

This lets you avoid costly repairs or downtime that often follow a hacking attack. We offer a comprehensive network security solution, that keeps threats of all kinds from entering your network and neutralizing those that already have. Some of things included in our network security solution are:

  • Next Generation Firewalls:  Firewalls are your first line of defense against outside threats. A firewall will analyze the traffic and data going to and from your network. You can think of it like a virtual bouncer which keeps dangerous things from entering your network.
  • Antivirus Software: If a virus or piece of malware does manage to get through your firewall, it can be killed off quickly with an enterprise-level antivirus software. An antivirus eliminates threats as quickly as possible while limiting the damage done.
  • Spam Blocking: Not only is spam annoying and useless, some phishing emails might slip through your defenses. Instead of going directly to the inbox where it may be accidentally opened, it goes to the spam folder, where it can be promptly ignored or deleted.
  • Content Filtering: Not all web content is safe for viewing, so it’s important that your team can tell when a site is fake and when they are real. Content filtering allows you to block certain websites from accessing your data. It’s also good for increasing productivity in the office by limiting employee access to time-wasting websites like Facebook, BuzzFeed, etc.
  • Security Patching: We ensure that your machines are up to date with the latest security patches available to help keep your network as secure as possible!

 

A Healthy network is a strong network, AZCOMP Technologies can handle all this technical information for you while you reap the benefits of a protected network.

Give us a call at 480.730.3055 or click below to receive your free report on what every small business owner must know about protecting and preserving critical data!

 

10 Pro Tips to Avoid Getting Scammed Online

Avoid Getting Scammed Online

Avoid Online Scams

Every day numerous phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so abstract that they are obviously a fraud, others can be a bit more convincing.

In case you aren’t clear on what a phishing email is, it is an attempt by a cybercriminal to obtain sensitive information from you about any of your accounts, get usernames, passwords, credit card details, your social security number or anything else. They do this by disguising themselves as a trustworthy entity through email. These types of emails also have the risk of installing a virus onto your computer or doing you harm in any other number of ways.

So, how can you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no one size fits all solution, but there are several techniques that you can look for. This article lists 10 of them.

1: The message contains a mismatched URL

One of the first things to look at in a suspicious email message is the integrity of any included or linked URLs. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the top of the URL (but don’t click anything yet!), you should see the actual linked address (at least this does in Outlook). If the hyperlinked address is different from the address that is displayed, the message is likely fraudulent or dangerous.

2: URLs contain a misleading domain name

People who send these phishing scams often rely on their victims not knowing how the DNS naming structure for domains works. The last part of a domain name is the most telling. For example, the domain name info.SystemSafe.com would be a child domain of SystemSafe.com because

SystemSafe.com appears at the end of the full domain name (on the right-hand side). Conversely, SystemSafe.malware.com would clearly not have originated from SystemSafe.com because the reference to SystemSafe.com is on the left side of the domain name.

I have seen this trick used countless times by phishing artists as a way of trying to convince victims that a message came from a company like Microsoft. The phishing artist simply creates a child domain bearing the name Microsoft. The resulting domain name looks something like this: Microsoft.maliciousdomainname.com.

Similarly, the phishing artists also create close-match domains that will trick you without a close look. They take a familiar brand like Target or Microsoft and create a new domain with that brand name slightly misspelled. If you don’t look close, you might miss it. They will take target.com and change it to tarrget.com, or targt-customer-support.com.

3: The message contains poor spelling and grammar

Whenever a large company sends out a message on behalf of the company the message is usually reviewed for spelling, grammar, and several other things. So, if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation.

4: The message asks for personal information

No matter how official an email message might look, it’s always a bad sign if the message asks for personal information. Your bank doesn’t need you to send it your account number. It already knows what it is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.

5: The offer seems too good to be true

There is an old saying that if something seems too good to be true, it probably is. That holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, the message is probably a scam.

6: You didn’t initiate the action

Yesterday I received an email message informing me that I had won the lottery!

The only problem is that I never bought a lottery ticket. If you get a message informing you that you have won a contest you did not enter, you can bet that the message is a scam.

7: You’re asked to send money to cover expenses

One sign of a phishing email is being asked for money. You might not get asked for cash in the initial message. But sooner or later, phishing artists will likely ask for money to cover expenses, taxes, fees, etc. If that happens, you can be assured it’s a scam.

8: The message makes unrealistic threats

Although most phishing scams try to trick people into giving up cash or sensitive information by promising instant riches, some phishing attempts use intimidation to scare victims into giving up information. If a message contains unrealistic threats, it’s likely a scam

9: The message appears to be from a government agency

Phishers who use intimidation don’t always pose as a bank. Often, they’ll send messages claiming to have come from a law enforcement agency, the IRS, or just about any other entity that might scare the average law-abiding citizen.

I can’t tell you how government agencies work outside the United States. But here, government agencies don’t normally use email as an initial point of contact, and law enforcement agencies follow certain protocols. They don’t engage in email-based extortion—at least, not in our experience.

10: Something just doesn’t look right

In Las Vegas, casino security teams are taught to look for anything that JDLR—just doesn’t look right, as they call it. The idea is that if something looks off, there’s probably a good reason why. This same principle almost always applies to email messages. If you receive a message that seems suspicious, it’s usually in your best interest to avoid acting on the message.

To Summarize:

In summary, think before you click! You need to have your guard up and be leery of getting scammed. Use common sense and trust your instincts.

If you have any questions, or if you have fallen victim to a phishing email and need help getting problems resolved on your business computer or business network, we can help! You can learn all about our Managed IT Solutions here at our website, or you can contact us by calling (888) 799-4777.

Is Your IT Guy Holding You Prisoner?

Don’t Let Your IT Guy Hold You Prisoner

Here’s a question to think about: If your IT guy were to go away, would you know where all of your passwords, data, software licenses and disks, key codes, and other important information were stored? Do you know the process to log into your server? Do you know the passwords needed to access your employee’s workstations? Do you know where your offsite data is stored, and how to access it? Is your network documented so that another IT person could come in and pickup where it was left off? If not, your IT guy may be holding you prisoner.

If he’s doing his job well, you might not mind too much; however, you should require that they document your network in the event that they don’t show up for work one day.

Occasionally I’ve run across potential new clients who aren’t truly happy with their IT guy’s work, but stay with them out of fear. As one business owner to another, this is NEVER a good reason to stay with your current provider.

If you can’t trust the person with the most access and power over your computer network – the core of your business – you need to find someone you CAN trust. A truly professional person or provider would NEVER hold their client hostage or do any harm in handing over the “keys” to another company. In addition, any good IT Professional should be able to walk you through the transition to prevent that person from doing any damage.

How To Know If Your IT Is Doing A Good Job

Another reason business owners stay with their current IT solution, is simply because they don’t know what good service really is.  Time and time again, I’m absolutely SHOCKED by the incompetence and irresponsibility that I discover when auditing most business networks. In 98% of the computer networks I review, I find faulty or non-existent backup systems, security loopholes, half-helpful reporting, and broken or flawed systems that simply cost more to maintain.

Why do so many businesses pay for substandard computer support? Simply because they don’t know how to truly verify that their network IS secure and they end up having to take someone at their word.

 


Here’s a quick test to see if your IT guy is doing his job well. If your technician does not score a “yes” on every point, you could be paying for substandard support

  1. Do they answer their phones “live” and respond to support issues in one hour or less?
  2. Are they remotely monitoring your network 24-7-365 to keep critical security settings, virus definitions, and security patches up to date?
  3. Do they INSIST on monitoring an offsite as well as an onsite backup, or are they letting you rely on outdated tape backups?
  4. Do they INSIST on doing periodic test restores of your backups to make sure the data is not corrupt and could be restored in the event of a disaster?
  5. Do they consistently (and proactively) offer innovative ways to improve your network’s performance, or do they wait until you have a problem to make recommendations?
  6. Do they explain what they are doing and answer your questions in terms that you can understand (not geek-speak)?
  7. Do they complete projects on time and on budget, or does every project end up taking longer and costing more than you expected?
  8. Do they offer any guarantees on their services?
  9. Do they have other technicians on staff who are familiar with your network in case your regular technician goes on vacation or gets sick?
  10. Do their technicians maintain current vendor certifications and participate in ongoing training, or do you feel as though they are learning on your dime?
  11. Do you have to manage their progress on projects, or do they provide frequent updates, status reports, and follow-up calls and e-mails?
  12. Do they take calls from other clients while working on your network (and on your dime)?
  13. Do they offer flat-rate or fixed-fee project quotes, or do they give themselves an open playing field with “time and materials?”

If your current IT solution failed This test, we would like to give you a FREE Network Assessment to ensure things are done correctly!

If you’re NOT happy with your IT person and have a suspicion that they aren’t doing the best job possible, then call us for a second opinion. At no cost or obligation to you, we’ll come to your office and conduct a network assessment to look for problems with your backup, security, speed, and any other problems that could lead to data loss, downtime, and high repair fees.

CMS Extends (PQRS) Deadline for EHR Submission

CMS Extends Deadline for 2016 Physician Quality Reporting System (PQRS) Electronic Health Record (EHR) Submission

***(This is an email we received from CMS March 13th 2017)***

CMS extends the submission deadline for 2016 Quality Reporting Document Architecture (QRDA) data submission for the EHR reporting mechanism of the Physician Quality Reporting System (PQRS) program. Individual eligible professionals (EPs), PQRS group practices, qualified clinical data registries (QCDRs), and qualified EHR data submission vendors (DSVs) now have until Friday, March 31, 2017 to submit 2016 EHR data via QRDA. The deadline is extended to March 31, 2017 for EPs to electronically report electronic Clinical Quality Measures (eCQMs) for the Medicare EHR Incentive Program.

Please Note: The deadline for eCQM data submission for hospitals participating in the Hospital Inpatient Quality Reporting (IQR) Program and to meet the electronic reporting of Clinical Quality Measures (CQMs) portion of the EHR Incentive Program is Monday, March 13, 2017 at 11:59 p.m. Pacific Time (PT). The deadline for reporting via attestation and Meaningful Use objective and measure submission for providers participating in the Medicare EHR Incentive Program is Monday, March 13, 2017 at 11:59 p.m. Eastern Time (ET).

A complete list of 2016 data submission timeframes is below:

March 13, 2017 deadline:

  • eCQM reporting for hospitals – 1/3/17 – 3/13/17
  • CQM reporting via attestation – 1/3/17 – 3/13/17
  • Meaningful Use objectives and measures – 1/3/17 – 3/13/17

March 17, 2017 deadline:

  • Web Interface – 1/16/17 – 3/17/17

March 31, 2017 deadlines:

  • EHR Direct or Data Submission Vendor (QRDA I or III) – 1/3/17 – 3/31/17
  • Qualified Clinical Data Registries (QRDA III) – 1/3/17 – 3/31/17
  • Qualified Registries (Registry XML) – 1/3/17 – 3/31/17
  • QCDRs (QCDR XML) – 1/3/17 – 3/31/17
  • eCQM reporting for EPs – 1/3/17 – 3/31/17

Submission ends at 8:00 p.m. Eastern Time (ET) on the end date listed for PQRS reporting. An Enterprise Identity Management (EIDM) account with the “Submitter Role” is required for these PQRS data submission methods. Please see the EIDM System Toolkit for additional information.

EPs who do not satisfactorily report 2016 quality measure data to meet the PQRS requirements will be subject to a downward PQRS payment adjustment on all Medicare Part B Physician Fee Schedule (PFS) services rendered in 2018. For questions, please contact the QualityNet Help Desk at 1-866-288-8912 or via email at Qnetsupport@hcqis.org from 7:00 a.m. – 7:00 p.m. Central Time. Complete information about PQRS is available here.

Disclaimer: AZCOMP Technologies, Inc, (AZCOMP) is providing this material as an informational reference for eligible professionals. Although every reasonable effort has been made to assure the accuracy of the information within these pages at the time of posting, the EHR Incentive program is constantly changing, and it is the responsibility of each provider to remain abreast of the EHR Incentive program requirements.

Notice Regarding Print-Image Files and ICD-10

Are you still submitting claims to your clearinghouse using “Print-Image” files?

If you are still using the print image method for submitting claims, you need to start submitting using the new CMS 1500 02/12 claim form or your cash flow will be negatively impacted.

As October 1, 2015 approaches, the primary concern for all providers is whether or not they will continue to receive revenue as the entire industry makes the biggest transition in healthcare in 35 years! While many practices are finishing off the tail end of their ICD-10 Action Plans, and are well on their way to a smooth transition, we have recently seen a surge in calls from practices that have not yet completed ICD-10 testing with their clearinghouse and payers.

As we are assisting practices with their testing, we are finding a higher than expected number of practices that are sending print image files to their clearinghouses. Most clearinghouses cut off the use of print image files when the industry shifted to the new CMS 1500 02/12 form back on April 1, 2014. However, there are still a few outliers that continued to allow users to submit print image files.

Keep in mind that HIPAA required all electronic transactions to be submitted in the ANSI 5010 format as of January 1, 2012.

In order to comply with this new standard, Medisoft built the capability to submit claims in the 5010 format directly from the program through the Revenue Management module. If you are not using Revenue Management then you are submitting claims in a print image format to your clearinghouse. Then the clearinghouse is converting the print image file for you to the ANSI 5010 format and forwarding it on to the payers.

How You Can Find Out If You Are Sending “Print Image” Text Files

Typically the print image format comes from a file that is formatted based on the HCFA claim form fields. In Medisoft and Lytec the most common method of producing the print image file was by setting up an EDI receiver to launch an executable file called CMS11.exe. Here is a sample of what you may see when you are sending claims that notifies you that you are sending a “print image” text file.

medisoft cms11 text file print image

Or you can watch this short video where we show you in Medisoft how you can find out if you are sending “print image” files.

Don’t Let Your Claims Get DENIED

As of Medisoft v19 and Lytec 2014, Medisoft and Lytec discontinued support of the cms11.exe file. It was never updated to match the new claim form or to handle ICD-10 codes. Therefore, if you are still relying on this method to submit claims there is a very high likelihood that your ICD-10 claims will be DENIED starting October 1, 2015.

While some clearinghouses may continue to support print image file submissions, our understanding is that they will require you to use a print image file that produces a print image of the CMS 1500 02/12 claim form. Please take note that the CMS11.exe file produces the old 08/05 claim format and that print image submission is not supported in Medisoft or Lytec.

Get On Board With Revenue Management

The good news is Medisoft v19 (and Medisoft v20) and Lytec 2014 (and Lytec 2015) are both equipped with not only the new 02/12 claim forms, but also with Revenue Management. The Revenue Management module in Medisoft and Lytec can be configured to send claims to any clearinghouse or even directly to the payers in the 5010 format.

In addition, Revenue Management has features such as claim scrubbing and ERA posting that your practice can take advantage of to streamline billing processes.

revenue management claim check screen shot

While the Revenue Management application is included with the ICD-10 compatible versions of Medisoft and Lytec, it does require setup and configuration to successfully utilize it. If you need to get setup on Revenue Management please call us at (888) 799-4777 to schedule the configuration with an EDI Professional!

If You Need Revenue Management Configured, Don’t Wait!

Please do not wait to contact us as the backlog of practices that need configuration and training is growing and our availability is based on first come first serve.

We also highly recommend contacting your clearinghouse as soon as possible to discuss this change, and to coordinate the switch from the print image file to the ANSI 5010 format.

Here Is A Clip From A Recent Webinar Explaining The Problem And What You Can Do About It

video play - no print image support